Find notable cyber news and cases, enriched with sources, timelines, and signals.

Fortinet security patch release for CVE-2025-64155

Security Patch Release
First reported
Last updated
Happening score
H score 41
2 unique sources, 2 articles

Summary

Hide ▲

Fortinet released security updates for FortiSIEM and FortiFone, closing critical vulnerabilities that could let unauthenticated attackers achieve code execution or expose device configuration on affected systems. The FortiSIEM flaw, CVE-2025-64155, impacts specific Super and Worker nodes and was rated 9.4/10.0. A separate FortiFone issue, CVE-2025-47855, could leak configuration data through a crafted HTTP(S) request. Fortinet also advised customers to upgrade affected releases and, for CVE-2025-64155, restrict access to phMonitor port 7900.

Related Happenings

FortiBleed multi-vendor brute-force wave

Exploitation Wave
H score75 First: 23.06.2026 21:20 Last: 23.06.2026 21:20 Sources 1

About this happening: A **multi-vendor brute-force wave** tied to **FortiBleed** is hitting **Fortinet, Synology, Sophos, Citrix, RDWeb, and MS-SQL** targets, expanding the risk from one firewall-focus...

Fortinet security patch release for CVE-2026-39813

Security Patch Release
H score41 First: 16.06.2026 12:19 Last: 16.06.2026 12:19 Sources 1

About this happening: **Fortinet** released **April 14** security updates for **FortiSandbox**, covering **CVE-2026-39813**, **CVE-2026-39808**, and **CVE-2026-25089**. The patch release fixes **three...

Fortinet FortiSandbox multi-CVE exploitation wave

Exploitation Wave
H score49 First: 16.06.2026 12:19 Last: 16.06.2026 12:19 Sources 1

About this happening: **Fortinet FortiSandbox** is facing an **active exploitation wave** that puts **affected deployments** at risk of **unauthenticated remote code execution** and **privilege escalat...

CISA KEV mitigation for LiteSpeed cPanel Plugin (CVE-2026-54420)

Advisory/Mitigation
H score38 First: 16.06.2026 08:41 Last: 16.06.2026 08:41 Sources 1

About this happening: CISA put **CVE-2026-54420** in **LiteSpeed cPanel Plugin** on the **KEV catalog**, ordering **FCEB agencies** to apply fixes by **June 18, 2026**. The flaw is a **CVSS 8.5 privile...

Fortinet security patch release for CVE-2026-25089

Security Patch Release
H score44 First: 10.06.2026 18:10 Last: 10.06.2026 18:10 Sources 1

About this happening: **Fortinet**, **Ivanti**, and **SAP** released **security updates** that address multiple **critical vulnerabilities** across **FortiSandbox**, **Ivanti Sentry**, and **SAP** prod...

Latest development: 11.06.2026 09:20

Shadowserver reported large-scale exploitation attempts against Internet-exposed Ivanti Sentry gateways after CVE-2026-10520 was patched in R10.5.2, R10.6.2, and R10.7.1, saying it saw 19 vulnerable instances and at least 2 backdoored systems and warning that unpatched devices were most likely compromised.

Timeline

  1. 14.01.2026 02:00 3 articles · 5mo ago

    Fortinet releases fixes for FortiSIEM and FortiFone

    Mitigation Patch Update

    Fortinet released updates on January 14, 2026 to fix CVE-2025-64155 in FortiSIEM and CVE-2025-47855 in FortiFone, providing fixed releases for affected versions and recommending that customers restrict access to phMonitor port 7900 while upgrading.

    Show sources
  2. 14.08.2025 03:00 1 articles · 10mo ago

    Horizon3.ai reports FortiSIEM CVE-2025-64155

    Initial Disclosure

    Horizon3.ai researcher Zach Hanley reported CVE-2025-64155 in FortiSIEM on August 14, 2025, describing an OS command injection flaw in phMonitor that could let an unauthenticated attacker execute unauthorized code or commands via crafted TCP requests and chain arbitrary file write with privilege escalation on affected Super and Worker nodes.

    Show sources